[Kerberos] Find if port is available before using it for Kdc server (#36192)

If the randomly selected port was already in use the Kerberos tests would fail. This commit adds check to see if the network port is available and if not continue to find one for KDC server. If it does not find port after 100 retries it throws an exception. Closes #34261
2025-02-24 05:44:59 +00:00 · 2018-12-05 16:44:49 +11:00 · 2018-12-05 16:44:49 +11:00 · 090d766f35
commit 090d766f35
parent 3272538701
1 changed files with 27 additions and 6 deletions
--- a/x-pack/qa/evil-tests/src/test/java/org/elasticsearch/xpack/security/authc/kerberos/SimpleKdcLdapServer.java
+++ b/x-pack/qa/evil-tests/src/test/java/org/elasticsearch/xpack/security/authc/kerberos/SimpleKdcLdapServer.java
@ -13,7 +13,6 @@ import org.apache.kerby.kerberos.kerb.KrbException;
 import org.apache.kerby.kerberos.kerb.client.KrbConfig;
 import org.apache.kerby.kerberos.kerb.server.KdcConfigKey;
 import org.apache.kerby.kerberos.kerb.server.SimpleKdcServer;
-import org.apache.kerby.util.NetworkUtil;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
 import org.elasticsearch.ExceptionsHelper;
@ -22,6 +21,9 @@ import org.elasticsearch.common.unit.TimeValue;
 import org.elasticsearch.test.ESTestCase;

 import java.io.IOException;
+import java.net.DatagramSocket;
+import java.net.InetAddress;
+import java.net.ServerSocket;
 import java.nio.charset.StandardCharsets;
 import java.nio.file.Files;
 import java.nio.file.Path;
@ -31,6 +33,8 @@ import java.security.PrivilegedExceptionAction;
 import java.util.Locale;
 import java.util.concurrent.TimeUnit;

+import javax.net.ServerSocketFactory;
+
 /**
 * Utility wrapper around Apache {@link SimpleKdcServer} backed by Unboundid
 * {@link InMemoryDirectoryServer}.<br>
@ -127,14 +131,14 @@ public class SimpleKdcLdapServer {
        simpleKdc.setWorkDir(workDir.toFile());
        simpleKdc.setKdcHost(host);
        simpleKdc.setKdcRealm(realm);
-        if (kdcPort == 0) {
-            kdcPort = NetworkUtil.getServerPort();
-        }
        if (transport != null) {
-            if (transport.trim().equals("TCP")) {
+            if (kdcPort == 0) {
+                kdcPort = getServerPort(transport);
+            }
+            if (transport.trim().equalsIgnoreCase("TCP")) {
                simpleKdc.setKdcTcpPort(kdcPort);
                simpleKdc.setAllowUdp(false);
-            } else if (transport.trim().equals("UDP")) {
+            } else if (transport.trim().equalsIgnoreCase("UDP")) {
                simpleKdc.setKdcUdpPort(kdcPort);
                simpleKdc.setAllowTcp(false);
            } else {
@ -221,4 +225,21 @@ public class SimpleKdcLdapServer {
        logger.info("SimpleKdcServer stoppped.");
    }

+    private static int getServerPort(String transport) {
+        if (transport != null && transport.trim().equalsIgnoreCase("TCP")) {
+            try (ServerSocket serverSocket = ServerSocketFactory.getDefault().createServerSocket(0, 1,
+                    InetAddress.getByName("127.0.0.1"))) {
+                return serverSocket.getLocalPort();
+            } catch (Exception ex) {
+                throw new RuntimeException("Failed to get a TCP server socket point");
+            }
+        } else if (transport != null && transport.trim().equalsIgnoreCase("UDP")) {
+            try (DatagramSocket socket = new DatagramSocket(0, InetAddress.getByName("127.0.0.1"))) {
+                return socket.getLocalPort();
+            } catch (Exception ex) {
+                throw new RuntimeException("Failed to get a UDP server socket point");
+            }
+        }
+        throw new IllegalArgumentException("Invalid transport: " + transport);
+    }
 }